
CERT Coordination Center

GNU Radius accounting service fails to properly handle exceptional Acct-Status-Type and Acct-Session-Id attributes

Vulnerability Note VU#277396

Original Release Date: 2004-02-05 | Last Revised: 2004-02-05


The GNU Radius accounting service fails to properly handle packets with exceptional Acct-Status-Type and Acct-Session-Id attributes.


GNU Radius is a software package used for remote user authentication and accounting. There is a vulnerability in the way the rad_print_request() function processes a UDP packet containing Acct-Status-Type and Acct-Session-Id attributes that do not specify values.
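The length checks an accounting-packet parser needs before it reads or logs attribute values, shown as an added example (this is not GNU Radius code and not the vendor's fix). It assumes the RFC 2866 numbering (Accounting-Request code 4, Acct-Status-Type 40, Acct-Session-Id 44); `acct_validate` and both sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RAD_HDR_LEN 20            /* code, id, length (2), authenticator (16) */
#define RAD_ACCT_REQUEST 4        /* RFC 2866 Accounting-Request */
#define ATTR_ACCT_STATUS_TYPE 40  /* value: 4-octet integer, attribute length 6 */
#define ATTR_ACCT_SESSION_ID 44   /* value: at least 1 octet, attribute length >= 3 */

enum acct_verdict { ACCT_OK, ACCT_BAD_HEADER, ACCT_BAD_ATTR_LEN, ACCT_NO_VALUE };

/* Check framing and the two attributes before any value is read or logged.
 * Does not verify the Request Authenticator (that needs the shared secret). */
enum acct_verdict acct_validate(const uint8_t *pkt, size_t n)
{
    if (n < RAD_HDR_LEN || pkt[0] != RAD_ACCT_REQUEST)
        return ACCT_BAD_HEADER;
    size_t plen = ((size_t)pkt[2] << 8) | pkt[3];
    if (plen < RAD_HDR_LEN || plen > n)
        return ACCT_BAD_HEADER;
    for (size_t off = RAD_HDR_LEN; off < plen;) {
        if (plen - off < 2)
            return ACCT_BAD_ATTR_LEN;          /* truncated type/length pair */
        uint8_t type = pkt[off];
        size_t alen = pkt[off + 1];
        if (alen < 2 || alen > plen - off)
            return ACCT_BAD_ATTR_LEN;          /* length runs outside the packet */
        size_t vlen = alen - 2;
        if ((type == ATTR_ACCT_STATUS_TYPE || type == ATTR_ACCT_SESSION_ID) && vlen == 0)
            return ACCT_NO_VALUE;              /* attribute present, no value */
        if (type == ATTR_ACCT_STATUS_TYPE && vlen != 4)
            return ACCT_BAD_ATTR_LEN;          /* must be exactly one integer */
        off += alen;
    }
    return ACCT_OK;
}

/* Constructed samples: all-zero authenticator, made-up session id "s123". */
static const uint8_t sample_ok[] = { 4, 1, 0, 32, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
    40, 6, 0, 0, 0, 1,  44, 6, 's', '1', '2', '3' };
static const uint8_t sample_no_value[] = { 4, 2, 0, 24, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
    40, 2,  44, 2 };

int main(void)
{
    printf("well-formed: %d\n", (int)acct_validate(sample_ok, sizeof sample_ok));
    printf("no values:   %d\n", (int)acct_validate(sample_no_value, sizeof sample_no_value));
    return 0;
}
```

A packet that fails any of these checks should be dropped and counted before it reaches logging or accounting code.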


An attacker who is able to send a UDP packet to the service could cause the Radius daemon (radiusd) to crash. No authentication is required to exploit this vulnerability. The Radius accounting service typically listens on 1813/udp or 1646/udp.



Upgrade to GNU Radius version 1.2.

Block or Restrict Access

Block or restrict access to Radius accounting services (typically 1813/udp or 1646/udp) from untrusted networks such as the Internet.

Vendor Information


GNU Radius

Notified: February 05, 2004 | Updated: February 05, 2004



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


This vulnerability has been addressed in GNU Radius 1.2. The latest version of GNU Radius can be found at

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A



This vulnerability was reported by iDEFENSE Labs.

This document was written by Damon Morda and Art Manion.

Other Information

CVE IDs: None
Severity Metric: 7.94
Date Public: 2004-02-04
Date First Published: 2004-02-05
Date Last Updated: 2004-02-05 21:05 UTC
Document Revision: 15

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.